Electronic Clinical Notes: Are They Required?

There has been some discussion in pharmacy circles about clinical notes and whether PBMs are requiring them to be electronically annotated (or if hand-written clinical notes will continue to suffice).

Become an audit assistance member today to continue reading this article. As a member, you’ll have access to hundreds of articles and receive our monthly proactive newsletter!

Join today!
While PAAS National® has not seen PBMs explicitly require this in their provider manuals, there are some compelling reasons your pharmacy should consider using electronic annotations.

First, DEA rule 21 CFR 1311.200(f) states that pharmacists must make and retain annotations electronically when filling an electronic prescription.

Second, be aware that state laws may require electronic annotations. For example, New York controlled substance rules mirror the DEA language when it comes to electronic prescriptions and annotations.

Third, while PBMs may not explicitly require electronic annotations, not having date and time stamped notes in your pharmacy software may be detrimental for audit appeals. Many PBMs are giving preference, or requiring, electronic date and time stamped clinical notes to appeal certain discrepancies successfully. With a date/time stamp, the detail provides validation to the PBM that they existed at the time of dispensing.

Examples:

  • Elixir requires electronic date and time stamped notes in a patient’s profile in order to appeal missing DAW 2 documentation.
  • Humana requires a copy of pharmacy electronically stored notes for various discrepancies, including missing information on a prescription and unauthorized refills showing information was confirmed at the time of dispensing.

PAAS Tips:

  • Clinical notes should contain 4 elements:
    • Date/time
    • Name and title of who you spoke with
    • Summary of discussion
    • Pharmacy staff initials
  • Make annotations electronically if possible. This can help avoid later audit appeal and legibility issues
  • If making handwritten annotations, ensure you rescan the prescription into your software
  • See the July 2023 Newsline article, Remember to Maintain and Provide Complete Clinical Notes!

Desk Audits for Worker’s Compensation Claims

PAAS National® analysts have recently seen an increase in desk audits for worker’s compensation claims, mostly performed by Script Care. There has been a high rate of fraud with worker’s compensation in the past and these claims are subject to more scrutiny.

Many states have additional laws specific to worker’s compensation and auditors have often cited prescriptions as “invalid” if prescriptions did not conform to these specific laws.

A few common audit discrepancies include:

Become an audit assistance member today to continue reading this article. As a member, you’ll have access to hundreds of articles and receive our monthly proactive newsletter!

Join today!

  1. Missing/Incomplete documentation to support DAW-1 claims.
  2. Missing documentation to substantiate that worker’s compensation is the responsible payer (e.g., includes diagnosis code and date of injury).

Upon first receiving an audit contact PAAS (608) 873-1342 so that an analyst can assist you from the start of the audit for the best results.

PAAS Tips:

  • Consider recent fraud against the Department of Labor’s Office of Workers’ Compensation
    • Nine Defendants Sentenced in $126M Compounding Fraud Scheme
    • “Compound King” and Wife Sentenced in $21 Million Health Care Fraud Scheme; Fugitive Sought
    • Former Pharmacy Employee Admits Role in Multi-Million Dollar Illegal Kickback Scheme

Auditors Crack Down on Pharmacies That Bypass Plan Limits

PAAS National® analysts want to warn pharmacies about an uptick in PBMs flagging prescriptions for bypassing plan limit rejects. These prescriptions are being marked as discrepant and face full recoupment. Share this information with your staff and ensure that claims are not unintentionally being put at risk for audit/recoupment.

Become an audit assistance member today to continue reading this article. As a member, you’ll have access to hundreds of articles and receive our monthly proactive newsletter!

Join today!

When pharmacies receive a reject of plan limit or exceeds maximum daily dose, pharmacy staff must follow the plan guidelines to submit the claim appropriately. The plan sending this rejection is telling the pharmacy that the dosage is not covered without additional requirements. This could mean prior authorization, switching to a different dose, or changing to another medication.

Pharmacies that manipulate the days’ supply to bypass the rejection are putting those claims at risk of recoupment. PBMs can easily track when pharmacies run a claim, receive a reject, and immediately rebill for the same quantity but different days’ supply. This raises a red flag that the plan reject was likely not adhered to appropriately – low hanging fruit for PBM auditors.

Reducing the quantity and/or split billing prescriptions can also be an audit risk. If a reduced quantity is submitted to bypass the plan limit (e.g., to get under a dollar threshold), the claim is still in jeopardy of being recouped. Beyond circumventing a plan limit, the payor may argue it increased costs through additional refills, dispensing fees, and patient copays. One patient complaint to their plan could lead to big trouble for network pharmacies.

PAAS Tips:

  • Always bill the accurate days’ supply based on the instructions for use indicated on the prescription
  • Make sure all staff are instructed to follow plan rejects appropriately and not change the days’ supply to get a paid claim
  • Check with the PBM help desk for guidance on rejects that are vague or unclear
  • Do not split bill rejected claims
    • Charging the patient cash often leads to complaints [from the patient to an employer or PBM] and can be considered non-compliance with the provider manual and lead to remediation, including potential network termination
    • If you have exhausted all plan options and the patient insists on paying cash for the full prescription, be sure that you document authorization from the patient that they desired to pay the full cost and did not want to wait for the proper channels
  • If having difficulties with prescribers following through on prior authorization, enlist the patient to help. The patient could contact the prescriber and/or file a complaint with their insurance which may speed up the process.

Nearly 90% of Cyber Breaches are Caused by…

Every day, pharmacies and their hardworking staff safeguard patients’ Protected Health Information (PHI), but breaches still occur. The June 2023 Health and Human Services Office for Civil Rights (OCR) Cybersecurity Newsletter focused on providing an insight into cybersecurity authentication and tips for building a more robust “wall” for malicious actors to encounter before a breach could occur. The OCR newsletter indicated that according to a 2023 Data Breach Investigations Report, “86% of [cyber] attacks to access an organization’s Internet-facing systems (e.g., web servers, email servers) used stolen or compromised credentials” and “robust authentication serves as the first line of defense against malicious intrusions and attacks”.

As mentioned in the OCR newsletter, the National Institute of Standards and Technology’s Digital Identity Guidelines believes that “historically, three factors form the cornerstones of authentication:

  • Something you know (e.g., password, personal identification number (PIN))
  • Something you have (e.g., smart ID card, security token)
  • Something you are (e.g., fingerprint, facial recognition, other biometric data)”

Multi-factor authentication is a common method for ensuring the person gaining access to a system is, in fact, who they say they are. It would require one element from two different bullets listed above, such as a password plus a security token. The Cybersecurity Newsletter states that “Cyber-attacks often begin with a compromised password that is used to gain initial access to an electronic information system.” If a password is compromised through a successful phishing attempt, the second element (e.g., security token) may be enough to block unauthorized entry long enough for the Security Officer to perform an Information Systems Activity Review and identify the unusual activity and intervene.

Safeguarding PHI and being compliant with the HIPAA Security Rule is required for any entity handling PHI. The Security Rule was designed to be flexible, allowing providers with varying scopes, sizes and resources to be compliant. Whether your pharmacy has been around for 30 years or 30 days, a thorough evaluation of your HIPAA program should be done at least annually. The beauty of the PAAS National® Fraud, Waste & Abuse (FWA) and HIPAA Compliance Program, is that it mirrors the flexibility of the HIPAA Security Rule and is anything BUT a cookie-cutter program. Pharmacies perform a risk analysis upon enrolling in the program and answer questions which allows us to customize a compliance policy and procedure manual specific to your pharmacy. PAAS Analysts are always happy to discuss how the PAAS FWA/HIPAA Compliance Program is built to help you address federal regulations. Call (608) 873-1342 or visit PAASNational.com to see how you can become an FWA/HIPAA Compliance member today.

PAAS Tips:

Become an audit assistance member today to continue reading this article. As a member, you’ll have access to hundreds of articles and receive our monthly proactive newsletter!

Join today!
  • Current FWA/HIPAA Compliance members can
    • Review sections 11.3.4 Information System Activity Review, 11.4 Workforce Security and 11.14 Access Control of the Policy and Procedure manual for more information
      • See Appendix B for the Information System Activity Review Log
    • Utilize the Employee Request for Access form in Appendix B to record the level of access and any keys or identification badges each employee possesses in order to perform their job duties, AND to record when the access is terminated, and keys/badges are returned
  • Provide each employee with their own unique log-in credentials and ensure their HIPAA training discusses the importance of safeguarding their passwords and all keys/security badges

Invoice Audits Are on the Rise – Are You Prepared for Success?

Most pharmacies have grown accustomed to desk audits and providing copies of prescriptions, signature logs, and even copay collection records to PBMs upon request. Additionally, many pharmacies can recount their most recent experience with an onsite auditor visiting their pharmacy and the numerous questions related to operations, policies & procedures, and credentialing. However, not as many pharmacies have experienced an invoice audit – the stakes are higher and honest mistakes can lead to very expensive lessons in the process.

PAAS National® analysts have helped our members navigate countless invoice audits. Our analyst team is here to assist you through the audit process from start to finish and that includes getting things done correctly long before the audit ever comes your way. Follow the tips below to have the most success.

PAAS Tips:

Become an audit assistance member today to continue reading this article. As a member, you’ll have access to hundreds of articles and receive our monthly proactive newsletter!

Join today!

  • Carefully evaluate your wholesalers/suppliers to ensure they are legitimate
    • NABP Accredited Drug Distributors can be found here
    • Wholesalers licensed in your state can be found here
    • Remember that OTC diabetic test strip manufacturers only sell their products to “authorized distributors” – see June 2023 Newsline article, LifeScan Extortion – Diabetic Test Strip “Authorized Distributors” for links to manufacturer websites
  • Limit purchases from other pharmacies to the minimum necessary
    • Drug Supply Chain Security Act (DSCSA) pedigree information is required unless purchase is (1) intra-company or (2) to fulfill a specific patient need
    • Full transaction details are required for audit purposes – see December 2022 Newsline article, Pharmacy to Pharmacy Inventory Transfers – Buyer Beware! for necessary documentation including selling pharmacy information and method of payment
  • Ensure pharmacy staff are billing the correct quantity based on NCPDP billing standards – when in doubt, call PAAS for help
  • Every claim billed must have NDCs that match the physical product being dispensed
    • No exceptions, all 11 digits matter
    • Includes all compound ingredients
    • PAAS recommends using barcode scanner to confirm NDC accuracy in pharmacy workflow
  • Confirm the pharmacy is appropriately reversing claims that are not dispensed

Billing Test Claims? It Can Cost You!

We have all been there – a prescriber calls the pharmacy to find out which prescription from a therapeutic category will be the most cost-effective for the patient. Without access to a plan formulary, the only way you can easily do this for the prescriber is to bill claims to the insurance one by one. Not only is this a time-consuming practice, it can also be costly because “test claims” are prohibited by most third-party payers.

Why would something that seems beneficial to a patient be prohibited? Unfortunately, test claims have been used by bad actors to maximize reimbursement from PBMs, often to the detriment of the plan, and even the patient. In a real-world example, a Florida pharmacy owner was recently convicted on two counts of soliciting and receiving illegal health care kickbacks and three counts of offering and paying illegal health care kickbacks. He was caught when billing test claims to maximize his reimbursement, then paying millions in kickbacks based on a percentage of the reimbursement to those willing to prescribe the most expensive drugs. He is currently awaiting sentencing which could include a maximum of 10 years in prison for each kickback count.

Another reason test claims are prohibited is because a pharmacy may forget to reverse a claim after testing it and receive payment for a prescription that does not exist, was not prescribed, purchased, or dispensed. This can financially impact the plan and can lead to mistakes and confusion for the patient regarding deductibles and coinsurance.

PAAS Tips:

Become an audit assistance member today to continue reading this article. As a member, you’ll have access to hundreds of articles and receive our monthly proactive newsletter!

Join today!
  • Avoid test claims – any claim billed to a third-party should have a corresponding prescription in your records.
  • If a prescriber insists on checking formulary coverage, require them to authorize verbal orders for every claim submitted (with full prescription information).
  • If a claim is rejected, or the patient elects to not fill a prescription (and requests the hardcopy back), you still need to maintain a copy of the prescription for audit purposes.
  • Never “delete” prescription claims from your pharmacy software entirely – void or put on hold as a placeholder (even if billed under wrong patient by mistake).
  • Any claim sent to a third-party can be audited, even if reversed, so you must have a copy of the prescription available to send to an auditor to prove it was not a test claim.
  • Resist the Urge: Don’t Reverse Claims After Receiving an Audit written in May 2023 Newsline

MATE Training for Buprenorphine Prescribers

Historically, buprenorphine prescriptions with an indication of opioid dependence were an easy recoupment when an X-DEA number wasn’t included on the hardcopy. However, as discussed in our February 2023 Newsline article, XDEA Numbers Have Been NiXed…but Not the Training, X-DEA numbers are no longer required due to the Mainstreaming Addiction Treatment (MAT) Act, found in Section 1262 of the “Consolidated Appropriations Act of 2023”. Instead, there are now training requirements for DEA registrants before being able to prescribe buprenorphine prescriptions. Beginning on June 27, 2023, Section 1263 of the “Consolidated Appropriations Act of 2023”, the Medication Access and Training Expansion (MATE) Act, requires all new or renewing DEA registrants to have met at least one of the following requirements when submitting their DEA registration application:

  • A cumulative eight hours of training from approved organizations on opioid or other substance use disorders for practitioners prescribing any Schedule II-V controlled substance medications
  • Board certification in Addiction Medicine or Addiction Psychiatry from specific medical specialty boards
  • Graduated within the previous five years and “in good standing from medical, advanced practice nursing, or physician assistant school in the US that included successful completion of an opioid or other substance use disorder curriculum of at least eight hours”

How does this relate to your pharmacy?

Become an audit assistance member today to continue reading this article. As a member, you’ll have access to hundreds of articles and receive our monthly proactive newsletter!

Join today!
Currently, there are 10 states that allow pharmacist to prescribe controlled substances to some capacity depending on state law – California, Idaho, Massachusetts, Montana, New Mexico, North Carolina, Ohio, Tennessee, Utah, and Washington. Due to the implementation of the MAT Act, DEA-registered pharmacists in those states may now be eligible to prescribe buprenorphine for patients with opioid use disorders. Also, take note that, barring any state-level requirements, pharmacies are not required to verify that prescribers have met the training requirements.

PAAS Tips:

  • Check your state for any laws applicable to buprenorphine prescribing [for opioid use disorder] as the more stringent regulation will take precedent
    • States that require practitioners to have waivers can use Substance Abuse and Mental Health Services Administration (SAMHSA) Buprenorphine lookup form to ensure practitioners’ certification
  • Refer to SAMHSA website on Training Requirement Resources
  • Review the DEA’s letter, dated March 27, 2023, outlining how practitioners are able to meet the new training requirements with more specifics, such as which accredited groups are able to provide the necessary training

Seeing Too Many or Repeated Prescription Validation Requests – Take Action!

In our February 2023 Newsline article, PBM Prescription Validation Requests Rose Nearly 20% in 2022, we mentioned that while the validation requests are a nuisance, they can work to the pharmacy’s benefit. Because the PBM is looking at the claim before payment is received, pharmacies can avoid incorrectly refilling a medication if an error is detected and potentially correct a billing error on the date that it is being reviewed. This can prevent large financial recoupments upon a future audit. These requests can also be very frustrating when the claim reviews are repetitious, and no billing errors are found creating work for the pharmacy without any need to correct the claim. See the PAAS tips below for best practices on how to track and manage duplicate or high numbers of validation requests.

PAAS Tips:

Become an audit assistance member today to continue reading this article. As a member, you’ll have access to hundreds of articles and receive our monthly proactive newsletter!

Join today!

  • Have a designated individual manage the validation requests
  • Keep a binder or folder to track of all requests from month to month
  • PAAS often sees duplicate validation requests from members on claims that have already been validated
  • If there is a claim that has already been validated with no issues, pharmacy should push back and ask the PBM (or contracting entity) to stop sending requests every month
  • OptumRx/EXL makes up the vast majority of the pre-pay reviews that members report to PAAS. If you feel you are getting a large number of requests from OptumRx, politely push back on this as well
  • If your pharmacy receives “results” from EXL for an OptumRx validation request, typically no action is required by the pharmacy at that time. OptumRx will review the electronic claims data and send the pharmacy a letter if they found an error on the claim.

Are You Missing Audit Communications?

PAAS National® analysts have recently seen many PBMs and audit contractors send communications, including audit letters, to network pharmacies via email instead of facsimile or postal mail. In most cases, these emails are sent to the address on file via your NCPDP Pharmacy Profile.

Become an audit assistance member today to continue reading this article. As a member, you’ll have access to hundreds of articles and receive our monthly proactive newsletter!

Join today!

One audit contactor, Conduent Payment Integrity Solutions, sends an email that includes an “acknowledgement” box within the email that pharmacies must click on to confirm receipt of the email. If the email is not acknowledged, then Conduent will send additional communications to confirm receipt.

PAAS Tips:

  • Ensure your NCPDP pharmacy profiles are up-to-date, particularly your email address and fax number
  • Choose your preferred email address carefully – it should be an email inbox that is attended to frequently (perhaps daily)
    • Consider if the email inbox should be accessible to management only or any staff member
    • If an audit email is “acknowledged” but not escalated to the appropriate person(s), it could put the pharmacy in a bind unnecessarily

Incorrect NDC or NPI Billed? Humana Requires Corrections

Humana has recently sent out another round of audits where either an incorrect NDC number or National Provider Identifier (NPI) was billed. The claim went through the switch at the time of fill, so why is Humana auditing these claims years later, and how do they know these data fields had incorrect information?

Become an audit assistance member today to continue reading this article. As a member, you’ll have access to hundreds of articles and receive our monthly proactive newsletter!

Join today!

These are likely Medicare claims that have been found to be invalid through retroactive validation of Prescription Drug Event (PDE) records by CMS. Humana must fix the incorrect information or face recoupment if it cannot be resolved.

An incorrect NDC is found when the NDC on the claim is billed before that NDC’s marketing start date, after the marketing end date, or not on the Food and Drug Administration’s (FDA) NDC Structured Product Labeling (SPL) Data Elements (NSDE) list. A pharmacy should not have access to a specific NDC before the marketing start date. The marketing end date will be the expiration date of the last lot manufactured of that NDC, so a pharmacy should not be filling that NDC any longer if following proper out-date procedures.

An incorrect NPI is found when a pharmacy inadvertently bills a claim under the wrong prescriber or when the PBM believes the prescriber billed does not have prescriptive authority. Many times, this happens when two practitioners in the area have the same first and last name. If the NPI billed does not have prescribing authority (e.g., occupational therapist, psychologist, or registered nurse), the claim could flag for further review. Some states may allow certain practitioners to have prescriptive authority that may not be allowed in other states (e.g., certified nurse midwives). In these cases, the pharmacy must prove the practitioner has prescribing authority in the state, usually through searching a state license database.

In both of these cases, Humana wants the pharmacy to investigate what happened to correct the claim. Humana knows that the claims may be too old to be corrected by the pharmacy, so they simply want the pharmacy to write in the correct information on the Claim Detail Sheet and send it back to Humana for them to correct (i.e., figure out which NDC was in stock on that date or which NPI should have been billed).

PAAS Tips:

  • Ensure correct NDC billing – this will also help in case of an invoice audit later
  • Confirm the correct prescriber is billed – this can be educational for some audits but others will recoup
  • For more information regarding this topic, and to find the Comprehensive NDC SPL Data Elements File (NSDE), visit https://www.fda.gov/ForIndustry/DataStandards/StructuredProductLabeling/ucm240580.htm